Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/bCXuqVENT9Ie1ZYtZ9_4gGVkT4Y.roa
File: bCXuqVENT9Ie1ZYtZ9_4gGVkT4Y.roa (raw, json)
Hash identifier: Heta3Lh/5uNTpr7fOhsy/eDZ5WJL1pJK0xfPVDuKq+I=
Subject key identifier: 6C:25:EE:A9:51:0D:4F:D2:1E:D5:96:2D:67:DF:F8:80:65:64:4F:86
Certificate issuer: /CN=eb349af2af111361b29fcfef2e043d5be75e3f98
Certificate serial: 0197609180BF2D694ADDB57DED23D8C78B6F
Authority key identifier: EB:34:9A:F2:AF:11:13:61:B2:9F:CF:EF:2E:04:3D:5B:E7:5E:3F:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/bCXuqVENT9Ie1ZYtZ9_4gGVkT4Y.roa
Signing time: Wed 11 Jun 2025 19:57:17 +0000
ROA not before: Wed 11 Jun 2025 19:57:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 109.122.56.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Jun 2025 17:04:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:60:91:80:bf:2d:69:4a:dd:b5:7d:ed:23:d8:c7:8b:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb349af2af111361b29fcfef2e043d5be75e3f98
Validity
Not Before: Jun 11 19:57:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6c25eea9510d4fd21ed5962d67dff88065644f86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:8e:84:35:6c:16:c7:49:54:55:4e:9a:72:37:
4b:6b:bd:6a:95:05:7e:5c:e5:89:87:af:96:a9:75:
d7:63:70:5e:26:28:f7:ba:56:96:90:ef:02:14:73:
83:56:2b:78:d8:00:e5:30:be:d2:1c:02:b5:db:26:
f5:42:03:5c:97:a6:00:b2:1c:d2:0d:eb:bb:34:8e:
67:cc:d9:4f:a7:ee:02:45:40:d8:b0:dc:d4:dc:1e:
e3:be:3a:a3:1e:52:cf:7f:56:c5:58:de:c8:c2:ce:
a4:4c:83:4e:97:77:63:33:0e:07:39:d3:a4:ac:3e:
47:f5:4a:5b:56:54:a5:2e:c2:cd:60:7e:84:83:33:
2d:9b:91:d0:e9:2b:36:64:e7:49:f7:1b:a7:38:d1:
26:4f:a4:29:97:72:e5:57:2a:89:18:e8:a7:36:0b:
25:f7:72:12:df:f9:b4:08:c6:98:e8:dd:d8:d7:2c:
4d:7e:b2:bd:e5:0b:4f:06:07:56:88:3f:c2:bd:34:
d2:04:2d:4e:11:80:cb:29:04:89:56:cd:06:c7:64:
45:b0:da:55:de:90:94:2b:1e:40:1e:35:d5:59:15:
32:4e:3b:0c:fc:be:e7:dc:74:5e:0e:5b:a3:8a:81:
28:7d:dd:8c:98:2e:1a:61:2b:ef:61:75:44:28:ee:
f7:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:25:EE:A9:51:0D:4F:D2:1E:D5:96:2D:67:DF:F8:80:65:64:4F:86
X509v3 Authority Key Identifier:
keyid:EB:34:9A:F2:AF:11:13:61:B2:9F:CF:EF:2E:04:3D:5B:E7:5E:3F:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/bCXuqVENT9Ie1ZYtZ9_4gGVkT4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.56.0/24
Signature Algorithm: sha256WithRSAEncryption
60:87:ba:6c:37:da:73:60:c8:26:c7:ce:f9:b0:d3:a8:4b:c9:
26:a1:b3:33:1a:ac:62:25:c8:c0:c0:33:dc:fd:30:de:c2:80:
00:35:bf:26:c2:8a:bf:a6:af:f9:bd:ef:17:00:c7:d7:80:e1:
6b:f8:d5:09:60:81:da:10:cd:f8:65:61:3e:18:be:97:87:11:
e7:7b:51:18:3c:b8:50:fa:24:12:af:d6:2f:17:6e:54:7e:6d:
f3:62:7f:b0:ad:63:b2:e6:0d:41:18:17:a7:c1:89:7a:bb:d4:
c0:b7:76:ea:47:2b:ff:3f:1f:1c:80:a6:e2:8e:db:dd:24:b9:
2d:5b:a1:29:6d:66:50:e1:11:b6:a4:ed:0f:df:e1:9f:7c:f6:
2a:c6:db:48:cc:71:24:44:b9:ab:e3:87:5f:62:aa:27:84:71:
04:20:ed:0e:25:ca:c2:56:dc:05:0f:bd:31:bc:f9:65:24:56:
b0:7b:ae:f7:14:59:cf:a8:d3:ef:20:a5:a2:42:20:0b:b1:bb:
fd:a5:92:01:0f:a5:59:80:5f:25:dd:7a:2a:8c:c9:17:1a:32:
6f:d8:4a:a0:db:40:a7:be:85:5b:48:d1:fb:41:b4:ac:81:50:
6f:4e:94:ee:e7:67:de:33:51:1f:70:c8:f4:28:22:fb:fd:f3:
cc:74:84:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZdgkYC/LWlK3bV97SPYx4tvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViMzQ5YWYyYWYxMTEzNjFiMjlmY2ZlZjJlMDQzZDViZTc1
ZTNmOTgwHhcNMjUwNjExMTk1NzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzI1ZWVhOTUxMGQ0ZmQyMWVkNTk2MmQ2N2RmZjg4MDY1NjQ0Zjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlo6ENWwWx0lUVU6acjdLa71qlQV+
XOWJh6+WqXXXY3BeJij3ulaWkO8CFHODVit42ADlML7SHAK12yb1QgNcl6YAshzS
Deu7NI5nzNlPp+4CRUDYsNzU3B7jvjqjHlLPf1bFWN7Iws6kTINOl3djMw4HOdOk
rD5H9UpbVlSlLsLNYH6EgzMtm5HQ6Ss2ZOdJ9xunONEmT6Qpl3LlVyqJGOinNgsl
93IS3/m0CMaY6N3Y1yxNfrK95QtPBgdWiD/CvTTSBC1OEYDLKQSJVs0Gx2RFsNpV
3pCUKx5AHjXVWRUyTjsM/L7n3HReDlujioEofd2MmC4aYSvvYXVEKO73RwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGwl7qlRDU/SHtWWLWff+IBlZE+GMB8GA1UdIwQY
MBaAFOs0mvKvERNhsp/P7y4EPVvnXj+YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnpTYThxOFJFMkd5bjhfdkxnUTlXLWRlUDVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8zY2IxNDctYTdjMy00NGU5LWFkYzgt
OWNkNjYyYmM4MzIwLzEvYkNYdXFWRU5UOUllMVpZdFo5XzRnR1ZrVDRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8zY2IxNDctYTdjMy00NGU5LWFkYzgtOWNkNjYyYmM4MzIw
LzEvNnpTYThxOFJFMkd5bjhfdkxnUTlXLWRlUDVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXo4MA0G
CSqGSIb3DQEBCwUAA4IBAQBgh7psN9pzYMgmx875sNOoS8kmobMzGqxiJcjAwDPc
/TDewoAANb8mwoq/pq/5ve8XAMfXgOFr+NUJYIHaEM34ZWE+GL6XhxHne1EYPLhQ
+iQSr9YvF25Ufm3zYn+wrWOy5g1BGBenwYl6u9TAt3bqRyv/Px8cgKbijtvdJLkt
W6EpbWZQ4RG2pO0P3+GffPYqxttIzHEkRLmr44dfYqonhHEEIO0OJcrCVtwFD70x
vPllJFawe673FFnPqNPvIKWiQiALsbv9pZIBD6VZgF8l3XoqjMkXGjJv2Eqg20Cn
voVbSNH7QbSsgVBvTpTu52feM1EfcMj0KCL7/fPMdIS6
-----END CERTIFICATE-----
Generated at Thu Jun 19 08:39:59 2025 by rpki-client